Your message dated Thu, 12 Dec 2013 21:22:42 +0000
with message-id <e1vrdiu-00029s...@franck.debian.org>
and subject line Bug#731895: fixed in php5 5.5.7+dfsg-1
has caused the Debian Bug report #731895,
regarding php5: CVE-2013-6420: memory corruption in openssl_x509_parse()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
731895: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731895
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: php5
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for php5.
CVE-2013-6420[0]:
php: memory corruption in openssl_x509_parse()
The upstream commit is found at [1].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
http://security-tracker.debian.org/tracker/CVE-2013-6420
[1]
http://git.php.net/?p=php-src.git;a=commitdiff;h=c1224573c773b6845e83505f717fbf820fc18415
Please adjust the affected versions in the BTS as needed; could you
check if squeeze and wheezy are affected as well?
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: php5
Source-Version: 5.5.7+dfsg-1
We believe that the bug you reported is fixed in the latest version of
php5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 731...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <ond...@debian.org> (supplier of updated php5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 12 Dec 2013 20:49:21 +0100
Source: php5
Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi
php5-cli php5-fpm libphp5-embed php5-dev php5-dbg php-pear php5-curl
php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap
php5-mcrypt php5-readline php5-mysql php5-mysqlnd php5-odbc php5-pgsql
php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc
php5-xsl
Architecture: source all amd64
Version: 5.5.7+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-ma...@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ond...@debian.org>
Description:
libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2
module)
libapache2-mod-php5filter - server-side, HTML-embedded scripting language
(apache 2 filter mo
libphp5-embed - HTML-embedded scripting language (Embedded SAPI library)
php-pear - PEAR - PHP Extension and Application Repository
php5 - server-side, HTML-embedded scripting language (metapackage)
php5-cgi - server-side, HTML-embedded scripting language (CGI binary)
php5-cli - command-line interpreter for the php5 scripting language
php5-common - Common files for packages built from the php5 source
php5-curl - CURL module for php5
php5-dbg - Debug symbols for PHP5
php5-dev - Files for PHP5 module development
php5-enchant - Enchant module for php5
php5-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
php5-gd - GD module for php5
php5-gmp - GMP module for php5
php5-imap - IMAP module for php5
php5-interbase - interbase/firebird module for php5
php5-intl - internationalisation module for php5
php5-ldap - LDAP module for php5
php5-mcrypt - MCrypt module for php5
php5-mysql - MySQL module for php5
php5-mysqlnd - MySQL module for php5 (Native Driver)
php5-odbc - ODBC module for php5
php5-pgsql - PostgreSQL module for php5
php5-pspell - pspell module for php5
php5-readline - Readline module for php5
php5-recode - recode module for php5
php5-snmp - SNMP module for php5
php5-sqlite - SQLite module for php5
php5-sybase - Sybase / MS SQL Server module for php5
php5-tidy - tidy module for php5
php5-xmlrpc - XML-RPC module for php5
php5-xsl - XSL module for php5
Closes: 730528 731895
Changes:
php5 (5.5.7+dfsg-1) unstable; urgency=high
.
* New upstream version 5.5.7+dfsg
+ [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes:
#731895)
* Enable dtrace/systemtap support (Closes: #730528)
Checksums-Sha1:
45561571b9aa70e6872ec5e489a0de278c8b95f0 3956 php5_5.5.7+dfsg-1.dsc
6eb0fe206336e03740a6c7d7c72dd2c7fd28c9b4 10823400 php5_5.5.7+dfsg.orig.tar.xz
74fdb2ec17239db3d463ef315af7db4c9d7f4390 135646 php5_5.5.7+dfsg-1.debian.tar.gz
ccff0c238cba36dba881e489e7ddb4e301c3ffb3 1254 php5_5.5.7+dfsg-1_all.deb
aedeee3c025b46f69656355451c0938b27179168 266898 php-pear_5.5.7+dfsg-1_all.deb
2e3d01cc35fa8fd7ac274de0630614a9097afe3c 352862
php5-common_5.5.7+dfsg-1_amd64.deb
1cf18373b9c48920176e15e67b2d7bb12e1bad3a 2137580
libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb
e823b0d7cfe8f6ebf2725148a1a97fef2c579c2f 2136906
libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb
71d78369cdef36c8b73462773be01a1ffe0aba8a 4105944
php5-cgi_5.5.7+dfsg-1_amd64.deb
1f1feebf4f65c7d0682966839a88b1ddea7ffb0e 2090410
php5-cli_5.5.7+dfsg-1_amd64.deb
aacd07e3d6f2255fb1f4b5298fc259e54eed224b 2116214
php5-fpm_5.5.7+dfsg-1_amd64.deb
c87419a96b760d99967fecfba588847dbbcace45 2134202
libphp5-embed_5.5.7+dfsg-1_amd64.deb
fcc413c018c72e0664d0b38ccd6bd3cb662b45cf 349644 php5-dev_5.5.7+dfsg-1_amd64.deb
09b06a47ed528c5bf4e3592fce9d50e7d04d553e 30295604
php5-dbg_5.5.7+dfsg-1_amd64.deb
55d48341af768c0838357843e30289d2a95bdd66 27034 php5-curl_5.5.7+dfsg-1_amd64.deb
db8a4c3f20cadcee0de0c0979433a2598289c14e 9068
php5-enchant_5.5.7+dfsg-1_amd64.deb
3f54d2cff82a433655d2227d95820bc484110ae4 27430 php5-gd_5.5.7+dfsg-1_amd64.deb
8915740699649e9db12108de442dcd1c08184a17 14624 php5-gmp_5.5.7+dfsg-1_amd64.deb
50a9f7cb1ba3d5316f3585154311605e205e08b2 30014 php5-imap_5.5.7+dfsg-1_amd64.deb
5135513e4e777deca1cae5c1eb84d1c20c1c0f7a 41398
php5-interbase_5.5.7+dfsg-1_amd64.deb
c64a6844502a55d7dddfcc4b5e84f00894edd230 108566
php5-intl_5.5.7+dfsg-1_amd64.deb
13b620ff565b869599227b147132565a11e43b13 18906 php5-ldap_5.5.7+dfsg-1_amd64.deb
95d7fb60094d96fb5d8dcf9aa71e0ed1bfb302d7 13998
php5-mcrypt_5.5.7+dfsg-1_amd64.deb
c1f43c53a71709c60779ec3dcc25e3b676fa23de 11980
php5-readline_5.5.7+dfsg-1_amd64.deb
8455bd07cd5ff83f3aa594928149bdda4e61136d 62838
php5-mysql_5.5.7+dfsg-1_amd64.deb
31483c339469e42f9551b8ec22ced7865bb9d145 134724
php5-mysqlnd_5.5.7+dfsg-1_amd64.deb
853acfb63695ad3ab8b9f6fed11e33148737db9a 30180 php5-odbc_5.5.7+dfsg-1_amd64.deb
5cb742657ea285fdf7c44bd1f8b8bab2f4dba23a 51448
php5-pgsql_5.5.7+dfsg-1_amd64.deb
3baf215d4a047120669e664d620b7266c6b5b0d0 8016
php5-pspell_5.5.7+dfsg-1_amd64.deb
d99d14b0177527f559461c56786d59fb98049f42 5388
php5-recode_5.5.7+dfsg-1_amd64.deb
d8a5b227f67fc6a1f4a7ca968003531b702a0fc8 19058 php5-snmp_5.5.7+dfsg-1_amd64.deb
d18e75b4646f9424c27fc079abf994e687fb4260 24042
php5-sqlite_5.5.7+dfsg-1_amd64.deb
72a7a82eee23c52d5b0bc0a9241cc92f8189ed71 23822
php5-sybase_5.5.7+dfsg-1_amd64.deb
83128c5f5890e7063916e47d225ed3aae835f3d2 16112 php5-tidy_5.5.7+dfsg-1_amd64.deb
d1824ce97a39d64f802f134a6522768acf57372d 35018
php5-xmlrpc_5.5.7+dfsg-1_amd64.deb
273d5e8ebac1b8c3ec383bf7033dcf928140ae45 13734 php5-xsl_5.5.7+dfsg-1_amd64.deb
Checksums-Sha256:
c1154c5b1f84624b00ad27b2a9c270535e7aa33203257a14c69b66b50c5a0797 3956
php5_5.5.7+dfsg-1.dsc
39f1fb9042950307e58b8e1ec300a636c7fee6117ef00bc2ea8751920e44ab3a 10823400
php5_5.5.7+dfsg.orig.tar.xz
895eaf53abdc7d880d5be0f2ba0914210b979014de007a9b7d8e3bcc3c55686c 135646
php5_5.5.7+dfsg-1.debian.tar.gz
7d23c7178b4dbbee0f1616df0c7d7dda694476f70333821c3b2fc5d4f01a23b1 1254
php5_5.5.7+dfsg-1_all.deb
4d3fa954d131b994269fc15b58e2819abdb4f035370e2da785d4a589a4c1e63c 266898
php-pear_5.5.7+dfsg-1_all.deb
363bb95f53acaa38e182f8a2a9ac28021211e5ea5e45c860f31bc1f725fa07af 352862
php5-common_5.5.7+dfsg-1_amd64.deb
8bfbd34680636962c801897e8a0d58471972fd09f851be19f34fcce8d662a15a 2137580
libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb
edeefe2f3843a06683baa3a45b0c74ac70293013a983b76f9ac3ea746b156c3a 2136906
libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb
95bf3fb97d4c618299cf66d10c1479ce755c73b6a1e0523e9ecca3556b4723eb 4105944
php5-cgi_5.5.7+dfsg-1_amd64.deb
d56e9bfbd5b699c9c516acb116de468bac7603a377617d6474ccf68833ef5cc6 2090410
php5-cli_5.5.7+dfsg-1_amd64.deb
eee57386f10715fb18c7c409ca34de199f1e5e9847f49a439bfc7a11738b0feb 2116214
php5-fpm_5.5.7+dfsg-1_amd64.deb
fe43f2b17d99866532561ea9f3b0e61bdaf869545e115b08a415163883661aab 2134202
libphp5-embed_5.5.7+dfsg-1_amd64.deb
1677820898e2fb3d2a2a353777eb805d5104884a2b3dcbaff25ea40e5fc15801 349644
php5-dev_5.5.7+dfsg-1_amd64.deb
e1872e7a99aef90aa1a486f3d072dcfef4c82fc39bfeb583bad87d2ab9c11bf8 30295604
php5-dbg_5.5.7+dfsg-1_amd64.deb
bd653941cf0fc766bda73e99819b673e2ac04ee6697897c25d0fb925c8f158eb 27034
php5-curl_5.5.7+dfsg-1_amd64.deb
f93373efa5c99791c752405e6fb08e2c2fccad094ee4c3f51f6f74ef8e113abb 9068
php5-enchant_5.5.7+dfsg-1_amd64.deb
0f8287033a8e91089b7b757f1aded0702ef797b498f3d86698163f3c928db2e5 27430
php5-gd_5.5.7+dfsg-1_amd64.deb
bba87eba5ec02afc91ee2ec8bfb2845d2f23af858415e99c94ff9a7ecae939d6 14624
php5-gmp_5.5.7+dfsg-1_amd64.deb
1bed486f01502b1ec7be9a9381e713c563a562b7ac30fe29d9043f8a37d2a544 30014
php5-imap_5.5.7+dfsg-1_amd64.deb
72d9bb5fbb22acc4118555dd8bd6d75bab04ad3c16e056f14dd92078ef686932 41398
php5-interbase_5.5.7+dfsg-1_amd64.deb
1ce6198557e1cad3ddaa0c7aab688bd806a59d9f234576354084c7b0187c1680 108566
php5-intl_5.5.7+dfsg-1_amd64.deb
d995ea37dda537955c6fb838623d90aae5d64be7d1039d67672744ea2911d816 18906
php5-ldap_5.5.7+dfsg-1_amd64.deb
272b737479a662791ca784c8eef4cb3a08d153d4244b5949a92f996c38624010 13998
php5-mcrypt_5.5.7+dfsg-1_amd64.deb
b6bb02e6333470281fd175692cd4d3144a758245bc66df22f7dcd16d4e49c231 11980
php5-readline_5.5.7+dfsg-1_amd64.deb
a74646476e6ddf1adc1b6125cfc55363d8d50977935f6891827d54e38032c3db 62838
php5-mysql_5.5.7+dfsg-1_amd64.deb
378e4ed7f6bc0faec6dad875962268646570aaeceaf74aca6c9f685dfbfa58fd 134724
php5-mysqlnd_5.5.7+dfsg-1_amd64.deb
9a97be4995c5f4f98eb58953bb02c8b538e46b447a5d5d856d3e34141a5259e5 30180
php5-odbc_5.5.7+dfsg-1_amd64.deb
e2660de798b935a8ad2276024390b7f183eead08ad9ec8ab3dd98d0060e693b6 51448
php5-pgsql_5.5.7+dfsg-1_amd64.deb
b087f9371a33ae4d6465aa4cd2265d562364e15d471a364763cef1c22127d48f 8016
php5-pspell_5.5.7+dfsg-1_amd64.deb
3e5627e5362e73bc66d631587eea073b17615b75068a7ce813a784af196ece5e 5388
php5-recode_5.5.7+dfsg-1_amd64.deb
9368c20282563038838b113fd28649c5f6f22f2c36525282bb0feb4b9d633e5d 19058
php5-snmp_5.5.7+dfsg-1_amd64.deb
357cc22ecb28de7698c2253d36d949e644c3a5d80ab1baf0d3ce6110c0ffe646 24042
php5-sqlite_5.5.7+dfsg-1_amd64.deb
b02ec4081183def8e94257fe0a7bc6861f62008564230eb1a87fa9431c79265e 23822
php5-sybase_5.5.7+dfsg-1_amd64.deb
e17a641ccaa26b8e1942617760dc73f10d9014222fdbfc3d5333911aadea242a 16112
php5-tidy_5.5.7+dfsg-1_amd64.deb
05c844f475c28b865f666b50d9743c12446c12ba82bbfd1eec0b5e80ef4b2f0e 35018
php5-xmlrpc_5.5.7+dfsg-1_amd64.deb
f9a75f6282c57e28897caae105b936ae70b5b4a047f3136ff20fcacebbacdd8a 13734
php5-xsl_5.5.7+dfsg-1_amd64.deb
Files:
15e2546d9abb13128abaee545d8c008a 3956 php optional php5_5.5.7+dfsg-1.dsc
77af51aea5a078bd34a1ccd55297d98a 10823400 php optional
php5_5.5.7+dfsg.orig.tar.xz
c5ad4c4b128652734534ed1d76a033be 135646 php optional
php5_5.5.7+dfsg-1.debian.tar.gz
0d8853b0adf2933e9a18aff0136a44ae 1254 php optional php5_5.5.7+dfsg-1_all.deb
1a7b5923d5b85abb2f0e40b32b9b3e21 266898 php optional
php-pear_5.5.7+dfsg-1_all.deb
5c591994bb1911d045720ef7c338ea9d 352862 php optional
php5-common_5.5.7+dfsg-1_amd64.deb
5cb41865ca5a040f6b6fd4d712fc5cd6 2137580 httpd optional
libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb
94c04c1d5859bf047f183d6ac1e24fd5 2136906 httpd extra
libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb
a3dd1b05febccfa3146dea0326a1e798 4105944 php optional
php5-cgi_5.5.7+dfsg-1_amd64.deb
e42e8fcfe4de19ff11106745437c92fd 2090410 php optional
php5-cli_5.5.7+dfsg-1_amd64.deb
8ff7d986fe83743ae5ab4a7c6ce1ad47 2116214 php optional
php5-fpm_5.5.7+dfsg-1_amd64.deb
785000284d0c48beaaa6927e29df767b 2134202 php optional
libphp5-embed_5.5.7+dfsg-1_amd64.deb
3f7d66cb959c39950d039320243b4d57 349644 php optional
php5-dev_5.5.7+dfsg-1_amd64.deb
599f8d4b2a0da3af200a2577666c3cf0 30295604 debug extra
php5-dbg_5.5.7+dfsg-1_amd64.deb
109ad4f3ea3bfe0c500b0075f5424efe 27034 php optional
php5-curl_5.5.7+dfsg-1_amd64.deb
a1815f0187ea1bbb42a219dbab107011 9068 php optional
php5-enchant_5.5.7+dfsg-1_amd64.deb
726dc42e715b4e279532fedf97b37bde 27430 php optional
php5-gd_5.5.7+dfsg-1_amd64.deb
2a94a84971b57dd0decd9893edd525d1 14624 php optional
php5-gmp_5.5.7+dfsg-1_amd64.deb
b455452bab05314804ff4a383223ac6b 30014 php optional
php5-imap_5.5.7+dfsg-1_amd64.deb
8d44371419a0bd79230b1bacde937e37 41398 php optional
php5-interbase_5.5.7+dfsg-1_amd64.deb
9c72ab839eab243b384f6b65506276fc 108566 php optional
php5-intl_5.5.7+dfsg-1_amd64.deb
d2c51f04df57c8fc19c028e82c810d58 18906 php optional
php5-ldap_5.5.7+dfsg-1_amd64.deb
7645112ae3d966f10798c9c7be7f930f 13998 php optional
php5-mcrypt_5.5.7+dfsg-1_amd64.deb
f19af1eb11b8ccd328b8d7c9a1078e4c 11980 php optional
php5-readline_5.5.7+dfsg-1_amd64.deb
27a69b2f03e4d0de5b78b2266388585b 62838 php optional
php5-mysql_5.5.7+dfsg-1_amd64.deb
4d91d7dcd579fd14399381db83c3c078 134724 php extra
php5-mysqlnd_5.5.7+dfsg-1_amd64.deb
29c32386e574b66c96cbd2a3aa286af3 30180 php optional
php5-odbc_5.5.7+dfsg-1_amd64.deb
176a1f1d0a579eb0f39bf136fba92264 51448 php optional
php5-pgsql_5.5.7+dfsg-1_amd64.deb
069e1b7d77e793d335454d6478a561e1 8016 php optional
php5-pspell_5.5.7+dfsg-1_amd64.deb
598454bf551b8b9c53c42a1ff6501464 5388 php optional
php5-recode_5.5.7+dfsg-1_amd64.deb
fdf34c30bc0556cb8683905239b64a8f 19058 php optional
php5-snmp_5.5.7+dfsg-1_amd64.deb
53fb3ec09be1aa9b0d5674d0f46b8019 24042 php optional
php5-sqlite_5.5.7+dfsg-1_amd64.deb
ce821527bbc4ed938fb6793c07e4c1c3 23822 php optional
php5-sybase_5.5.7+dfsg-1_amd64.deb
1de799d8bae88ffa4a8167aff459e285 16112 php optional
php5-tidy_5.5.7+dfsg-1_amd64.deb
b6ad1bbc3e5b34d3f1f4ce63d29c02f6 35018 php optional
php5-xmlrpc_5.5.7+dfsg-1_amd64.deb
2477957caf0d8a2d592ba4913e0549e4 13734 php optional
php5-xsl_5.5.7+dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlKqHqMACgkQ9OZqfMIN8nPGiQCgizsjCeevJDU4ZDDJfXdruMWE
FzoAoIV+gpZ7jKsaZVytME8sDPGKXUR7
=tRZj
-----END PGP SIGNATURE-----
--- End Message ---